[Bug 1723822] Re: uncaught TypeError triggers ValueError

Launchpad Bug Tracker 1723822 at bugs.launchpad.net
Thu Nov 16 03:03:16 UTC 2017 

This bug was fixed in the package apport - 2.20.8-0ubuntu1

---------------
apport (2.20.8-0ubuntu1) bionic; urgency=medium

   * New upstream release:
     - SECURITY UPDATE: Denial of service via resource exhaustion and
       privilege escalation when handling crashes of tainted processes.
     - When /proc/sys/fs/suid_dumpable is set to 2, do not assume that
       the user and group owning the /proc/<PID>/stat file is the same
       owner and group that started the process. Rather check the dump
       mode of the crashed process and do not write a core file if its
       value is 2. Thanks to Sander Bos for discovering this issue!
       (CVE-2017-14177, LP: #1726372)
     - SECURITY UPDATE: Denial of service via resource exhaustion,
       privilege escalation, and possible container escape when handling
       crashes of processes inside PID namespaces.
     - Change the method for determining if a crash is from a container
       so that there are no false positives from software using PID
       namespaces. Additionally, disable container crash forwarding by
       ignoring crashes that occur in a PID namespace. This functionality
       may be re-enabled in a future update. Thanks to Sander Bos for
       discovering this issue!
       (CVE-2017-14180, LP: #1726372)
   * apport/hookutils.py: modify package_versions to return an empty string if
     packages is empty. (LP: #1723822)

 -- Brian Murray <brian at ubuntu.com>  Wed, 15 Nov 2017 12:44:24 -0800

** Changed in: apport (Ubuntu)
       Status: Triaged => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14177

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-14180

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1723822

Title:
  uncaught TypeError triggers ValueError

Status in Apport:
  Fix Released
Status in apport package in Ubuntu:
  Fix Released
Status in nautilus package in Ubuntu:
  Triaged

Bug description:
  $ ubuntu-bug nautilus
  ERROR: hook /usr/share/apport/package-hooks/source_nautilus.py crashed:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 198, in _run_hook
      symb['add_info'](report, ui)
  TypeError: add_info() takes 1 positional argument but 2 were given

  During handling of the above exception, another exception occurred:

  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 203, in _run_hook
      symb['add_info'](report)
    File "/usr/share/apport/package-hooks/source_nautilus.py", line 23, in add_info
      report["usr_lib_nautilus"] = package_versions(*sorted(plugin_packages))
    File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 785, in package_versions
      map(max, [map(len, t) for t in zip(*versions)])
  ValueError: not enough values to unpack (expected 2, got 0)
  This tool has been deprecated, use 'gio open' instead.
  See 'gio help open' for more info.

  $ Created new window in existing browser session.

  ProblemType: Bug
  DistroRelease: Ubuntu 17.10
  Package: apport 2.20.7-0ubuntu3
  ProcVersionSignature: Ubuntu 4.13.0-16.19-generic 4.13.4
  Uname: Linux 4.13.0-16-generic x86_64
  ApportVersion: 2.20.7-0ubuntu3
  Architecture: amd64
  CrashReports:
   640:121:119:20593327:2017-10-14 08:49:43.994080376 -0700:2017-10-14 08:49:24.682136558 -0700:/var/crash/_usr_bin_gnome-shell.121.crash
   640:0:119:712257:2017-10-13 22:55:49.843941428 -0700:2017-10-13 22:55:48.723911385 -0700:/var/crash/_usr_lib_udisks2_udisksd.0.crash
   640:1000:119:432238:2017-10-14 07:48:01.498643348 -0700:2017-10-14 07:48:00.714643372 -0700:/var/crash/_usr_lib_gvfs_gvfsd-mtp.1000.crash
   664:1000:119:0:2017-10-13 19:55:40.447393054 -0700:2017-10-13 19:55:40.447393054 -0700:/var/crash/_usr_lib_gvfs_gvfsd-mtp.1000.upload
   600:112:119:0:2017-10-13 19:55:42.247460153 -0700:2017-10-13 19:55:42.247460153 -0700:/var/crash/_usr_lib_gvfs_gvfsd-mtp.1000.uploaded
  CurrentDesktop: ubuntu:GNOME
  Date: Sun Oct 15 17:52:08 2017
  InstallationDate: Installed on 2017-10-03 (12 days ago)
  InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Alpha amd64 (20170926)
  PackageArchitecture: all
  SourcePackage: apport
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1723822/+subscriptions

More information about the foundations-bugs mailing list